Module Name
Juniper Networks SRX100, SRX110, SRX210, SRX220, SRX240, SRX550, and SRX650 Services Gateways
Validation Dates
03/07/2017
Caveat
When operated in FIPS mode and with the tamper-evident seals installed as indicated in the Security Policy
Security Level Exceptions
- Roles, Services, and Authentication: Level 3
- Design Assurance: Level 3
- Mitigation of Other Attacks: N/A
Embodiment
Multi-Chip Stand Alone
Description
Juniper Networks SRX Series Services Gateways provide the essential capabilities necessary to connect, secure, and manage enterprise and service provider networks, from the smallest sites to the largest headquarters and data centers.
FIPS Algorithms
| AES |
Certs. #4055, #4056, #4066, #4067, #4068 and #4069 |
| CVL |
Certs. #880 and #926 |
| DRBG |
Cert. #1216 |
| DSA |
Certs. #1096, #1099, #1100, #1101 and #1102 |
| ECDSA |
Certs. #909, #912, #913, #914 and #915 |
| HMAC |
Certs. #2647, #2648, #2653, #2654, #2655 and #2656 |
| RSA |
Certs. #2087, #2197, #2198, #2199 and #2200 |
| SHS |
Certs. #3342, #3343, #3349, #3350, #3351 and #3352 |
| Triple-DES |
Certs. #2217, #2218, #2219, #2220, #2223 and #2224 |
Other Algorithms
Diffie-Hellman (key agreement; key establishment methodology provides between 112 and 192 bits of encryption strength; non-compliant less than 112 bits of encryption strength); EC Diffie-Hellman (key agreement; key establishment methodology provides 128 or 192 bits of encryption strength); HMAC-SHA-1-96 (HMAC Certs. #2647, #2648, #2653, #2654, #2655 and #2656); NDRNG; ARCFOUR; Blowfish; CAST; DSA (non-compliant); HMAC-MD5; HMAC-RIPEMD160; UMAC
Hardware Versions
P/Ns {SRX100H2, SRX110H2-VA, SRX110H2-VB, SRX210HE2, SRX220H2, SRX240H2, SRX550, SRX650} with JNPR-FIPS-TAMPER-LBLS
Firmware Versions
JUNOS-FIPS 12.3X48-D30
) or https:// don't prove our archive is authentic, only that you securely accessed it. Note that we are working to fix that :)
